package com.bianmaba.oauth.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @program: spring-oauth2.3.3-demo
 * @description:
 * @author: Chenjiabin
 * @create: 2018/11/7 8:36
 **/

@RestController
@RequestMapping("order")
public class OrderController {
    @RequestMapping("query")
    public Object query() {
        return "save order hasAnyScope('read','all)";
    }

    @RequestMapping("save")
    public Object save() {
        return "save order hasAnyScope('write','all)";
    }

    /**
     * scope授权配置可以在资源配置中配置(但需要添加@EnableGlobalMethodSecurity(prePostEnabled = true))
     *
     * @see com.bianmaba.oauth.configuration.ResourceServerConfiguration#configure(HttpSecurity)
     *
     */
    @PreAuthorize("#oauth2.hasAnyScope('write','all')")
    @RequestMapping("update")
    public Object update() {
        return "update order hasAnyScope('write','all)";
    }
}
